17:01:09 #startmeeting 17:01:09 Meeting started Mon Apr 13 17:01:09 2015 UTC. The chair is r2r0. Information about MeetBot at http://wiki.debian.org/MeetBot. 17:01:09 Useful Commands: #action #agreed #help #info #idea #link #topic. 17:01:12 hola 17:01:21 aagbsn: hey there :) 17:01:38 hi 17:03:10 who else is here? 17:03:17 anadahz: hi :) 17:03:30 I am here 17:03:37 duncank: oh awesome! 17:03:44 duncank: greetings :) 17:03:51 hi :) 17:04:47 shall we begin the go-around? 17:04:48 simone told me he would not manage to join us today 17:04:57 aagbsn: yes we shall 17:05:32 since our past meeting I completed an implementation of a Lantern test and submitted a PR 17:05:50 with an accompanying ooni-spec PR 17:06:08 r2r0 made some feedback, which I will review this week and update the status of these PR 17:06:15 additional feedback is very welcome 17:06:22 if any Lantern developers are in the house ;) 17:06:41 I believe that is an accurate tl;dr - any questions? 17:07:18 else the next can go 17:07:21 aagbsn: we should also perhaps send alex and ox an email telling them this so they can interact with the PRs 17:07:35 they may be more of an email animal than an IRC one 17:07:37 agree, I will provide them with links to the code and PR 17:07:47 cool 17:08:13 what does the 'agree' command do? 17:08:27 aagbsn: not sure 17:08:31 #agreed aagbsn will provide lantern developers with ooni lantern test implementation and ask for feedback 17:08:45 * aagbsn shrugs 17:08:50 anything else? 17:09:23 I will go next 17:10:17 so I have been discussing this option of doing the OONI hackfest at the Italian Camera dei Deputati (http://it.wikipedia.org/wiki/Camera_dei_deputati) and it seems like we are quite well set 17:10:55 they will give us the space, though it will probably not be possible to run it until Sunday (since they close on Sunday and we would require extra authorization to keep it open) 17:11:13 this would mean that we should probably run it from Thu-Sat 17:11:40 Saturday it stays open only until the afternoon, but it may be easier to extend that period 17:12:09 that said since we still don't have a lock on the funds for it, we have been considering moving it down a bit 17:12:22 to june 17:12:43 this would also give us more time to at best coordinate the communication for the event 17:13:15 also June is a great period to be in Rome and if some people wish to stay even after the hackfest we can go to the beach or something 17:13:28 :) 17:13:49 I have also found an office in Rome 17:13:56 that is conveniently walking distance from the parliament 17:14:15 it's inside of the offices of the "Radicali" party 17:14:43 I spoke to r2r0 on this topic earlier and think that we should lock in dates and proceed with announcing the event 17:15:04 there is quite a bit of space there so if the parliament closes at a certain time or we want to do late night hacking (the parliament closes at night) we can go there 17:15:10 but we are still waiting for OTF to confirm? 17:15:52 OTF gave positive feedback though the scope of our requestion may be reduced 17:16:01 er, request, even 17:16:17 yeah, we fist need to 1) Get confirmation from the Parliament of the exact dates (I will call them tomorrow morning or wednesday) 2) Know exactly how much budget we have so we can say how many stipends we have etc. 17:16:42 I also think it would be ideal to have the new website done before we do the announcement 17:16:56 That would be a good reason to push back till June 17:17:19 so I think this means 17:17:42 #agreed we shall move the OONI hackathon down to june 17:17:53 any dissent? 17:18:01 * r2r0 wonders what will happen with these commands 17:18:15 #agreed the earth is flat 17:18:44 maybe it requires more than 1 #agreed 17:18:52 heh 17:19:06 any more or should the next go? 17:19:23 I have a couple of more things to say, but I can also add them later 17:20:31 I have almost finished the meek test and test spec 17:21:22 started working on the greek censorship article again, aiming at publishing a short version for ooni website blog 17:22:35 work a bit on lepidopter.. hopefully the images will be ready next week 17:23:02 great! 17:23:12 run some tests on the updated version of the greek blacklist 17:23:26 they have added some more websites 17:23:50 anadahz: yes I noticed, and they also killed the old version of the list.. 17:24:09 all the links to those 404 and they disabled crawling from the internet archive 17:24:10 yes but I have all of them archived ;) 17:24:15 #OpenData 17:24:38 anadahz: ah cool. I started working on a parser for it to add to citizenlab/test-lists 17:25:02 I don't understand why these stupid governments publish their blocklists in a pdf 17:25:19 yes i had a look 17:25:24 though italy is worse, they use a corrupt rtf 17:25:38 that requires monkey patching the python rtf module to parse it 17:25:51 who killed the list? 17:26:01 gamingcommission.gov.gr 17:26:04 https://github.com/hellais/test-lists/blob/85ddf3db63cdbc98025c771e46a4594f6ae94da0/lib/lists/official/it/aams.py 17:26:08 from archive.org? 17:26:40 aagbsn: archive never had it because they said ignore: * in robots.txt 17:26:55 https://twitter.com/hellais/status/587278803011051521 17:26:58 https://twitter.com/hellais/status/587279146755223552 17:27:58 anadahz: anyways, is there more? 17:28:39 nope 17:29:22 * irl still hasn't got timezones right 17:29:25 someone else have something to talk about? 17:29:35 i can talk about debian packages, if that's not already happened 17:29:36 I can go 17:29:37 irl: yeah, time zones are not right 17:30:00 duncank: go for it 17:30:03 ok 17:30:17 this is where the homepage design is at: 17:30:22 https://vtllf.org/scratch/ooni-web/i/index 17:30:38 next I plan to start making some content 17:30:51 (though still open to feedback on the design) 17:31:12 plan to start with an example page describing a nettest 17:31:25 so I can get some feedback on it 17:31:36 that's all from me 17:32:12 duncank: awesome 17:32:23 duncank: i like this design. (: 17:32:30 yay 17:32:35 I like the design 17:32:40 I also think this iteration is the best! 17:32:46 I think the graphs with country codes should introduce more color though 17:32:49 it keeps the logo in the original form 17:33:00 it has the blue banner that vasilis liked 17:33:13 and has the grey footer 17:33:18 ++ 17:33:21 i would possibly check with the people who's logos are greyscaled, to make sure that won't upset anyone. 17:33:34 aagbsn: yes, that chart is very placeholder 17:33:35 duncank: the only thing is that I think there is a problem with the colors of the text/svg in the banner 17:33:46 it's not aliasing properly with the background 17:33:55 might be a line chart or something else entirely in the end 17:34:23 r2r0: ok thanks, I'll try figure out what's going on there 17:34:35 also the OONI writing needs to be in all caps (we changed it with the new stickers) 17:35:00 ok, send pics :) 17:35:01 (which by the way have arrived and look quite epic: https://pbs.twimg.com/media/CCahekEVIAA_Jfn.jpg:large 17:35:04 ) 17:35:15 they are HUGE 17:35:35 I might move the 'how ooni works' diagram lower 17:35:42 r2r0: (: 17:35:58 on a small screen it's the first thing I see, but it isn't clear what the project is about, etc 17:36:14 i was wondering if there's enough context there. 17:36:45 aagbsn: ok, I'll think about how that could be improved 17:37:12 I think that can be done by working a bit on the graph 17:37:37 here are some of the notions that I think should be communicated via the graph: 17:37:43 either a graphic that is immediately explanator - or a project tl;dor ? 17:37:46 1) That there are lot's of probes in different networks 17:38:08 2) That not every country has an evil censorship, some of them have censors that are more evil than others 17:38:43 3) Our "backends" or "servers" (perhaps servers is more mainstream) are also plenty and distributed, though less than the probes 17:39:25 4) The general public, policy makers, NGOs, etc. will read the reports that are submitted by probes to understand internet censorship in the world and take action based on this 17:40:02 I would leave out the Tor aspect as I think it is a technical detail that is not crucial to a general user that first visits the site 17:40:30 as in the label on the diagram? 17:40:31 I would re-use the graph you put on the front page for some sections of the site that explain in common language the various tests 17:40:35 as mentioned in valencia at tor-dev; I want to produce monthly automatic reports 17:40:47 that one in particular would be the one about the blocking/http-requests test 17:41:06 so perhaps the top element could be the most recent report 17:41:20 (here is an earlier version with the "how it works" section lower for comparison:) 17:41:25 https://vtllf.org/scratch/ooni-web/d/index 17:41:55 but maybe recent news isn't ideal to go at the top either 17:42:00 I actually am quite convinced that if we think a bit on how to do the chart well it can be the best thing to put up on top 17:42:23 duncank: still my favourite: https://vtllf.org/scratch/ooni-web/a/images/how-ooni-works.svg 17:42:24 jjjjjj~. 17:43:24 I can make a crappy diagram with keynote of how I would imagine the 4 elements present in the chart 17:43:29 *diagram 17:43:34 r2r0: yes, I'd like visitors to see something informative about censorship in the world at large on the first page 17:43:47 go for it, please send me a copy :) 17:45:18 maps are powerful elements 17:45:47 good to maybe say somewhere what o.o.n.i. stands for also? 17:45:48 but we could also have a 'random visualization of data' 17:47:11 landers: yes, I'll have another look at that 17:47:12 duncank: will do 17:47:31 left it out earlier because I couldn't make it fit nicely 17:47:39 irl: do you want to say something on debian packaging? 17:48:12 i can quickly say that i'm looking at it, but i'm disappearing also. 17:48:23 irl: sorry I just now read your PM 17:48:30 i plan to have the debian package worked by the end of the week. ubuntu packages by the end of the month. 17:48:37 ok no worries we can talk about this later or tomorrow 17:48:40 can give more details later. 17:48:45 cool 17:48:52 sorry, i need to sort out timezones and schedules and stuff. not very organised today. 17:49:03 ack 17:49:12 does anybody else have something they would like to talk about? 17:51:08 in that case I will add the other couple of things I previously witheld 17:51:31 we were working on a proposal to get some funding from the European Union to do: 17:51:36 1) Hackfests 17:51:41 2) OONI mobile development 17:51:49 3) Raspberry pi deployments 17:52:25 we were doing it though hermes with Nexa 17:52:49 though we realised that it's not possible to get EU funding unless the people paid are employed by hermes 17:53:03 so I will just be part of the board of something for this proposal 17:53:17 and we will probably just end up managing to fund some OONI hackathons with it 17:53:26 so still good 17:53:53 I also did a bit more progress on the OTF proposal and I think some of you have a copy of it 17:54:06 it's due by May 1st so we should finish it ASAP and submit it 17:55:01 Regarding the IFCCI project, we have finished all the work due by 30th of March and have started work on what needs to be done in April 17:55:25 though we don't yet have a contract signed, I believe what will be the deliverables are: 17:55:34 1) Finishing the implementation of the tests and specs 17:55:41 2) Workin on raspberry pi images 17:55:54 3) (if we have more time) doing the informed consent research 17:56:05 speaking of informed consent 17:56:20 I think we should consider working on a paper to submit to PETS 17:56:30 that is HotPETS 17:57:11 r2r0: is the proposal finalized yet? 17:58:11 they require just a 2 page abstract for considering it so I think we can manage to produce something by the deadline of April 24th 17:58:30 aagbsn: I have written all of the sections and they include enough details, I think 17:59:08 but it would be ideal to have people proofread it, provide feedback on it, before we consider it finalized 18:01:44 aagbsn: ah sorry I thought you meant the OTF one 18:02:00 the EU one has been submitted 18:06:03 r2r0: did you have any news about the possible ooni operators worldwide? 18:06:24 ok. Let's coordinate to go over the proposal this week. 18:06:36 anadahz: I don't fully understand the question 18:07:38 there were couple of groups willing to run some ooniprobe infrastructure in various ISPs and geo-locations 18:08:38 ah yes 18:08:49 I have not followed up with any of them recently 18:09:01 but to do so I think we need to have the raspberry pi images ready 18:10:03 yes sounds reasonable 18:10:19 however many would like to run on their own infrastructure 18:10:35 VPSs or similar 18:11:09 anyway we should ping them 18:11:17 agreed 18:11:45 ah before I forget 18:12:58 I was reading a journal article with a comparison of censorship detection and circumvention (searching for a link) 18:13:28 and there was a very accurate classification of censorship tests 18:13:33 OONI was there as well 18:13:49 and the following tests were missing: 18:14:18 BGP tampering, DNShijacking, DNS injection, TLS DoS 18:15:20 anadahz: ah yes 18:15:22 perhaps we should add some tickets to deploy some new tests including the net neutrality test that isabela and aagbsn suggested 18:15:29 the giuseppe aceto one 18:15:34 from the university of naples 18:15:50 I have not yet read through it all, just skimmed it briefly today 18:15:51 it's possible they didn't consider our DNS injection test as part of ooniprobe-1.0 18:15:58 r2r0: yes 18:16:17 BGP tampering is one we should add 18:16:32 http://www.sciencedirect.com/science/article/pii/S1389128615000948# 18:17:11 BGP is currently a bit incompatible with the OONI model of doing tests 18:17:20 since we reply on network vantage points 18:17:48 and don't think we could easily make ooniprobe run on cisco routers 18:18:29 but I met in Turin some months ago people that were working on a BGP monitoring probe software 18:18:44 something like a rrdtool for BGP 18:18:47 r2r0: just traceroute tbh 18:19:20 we just need a tool to see if the AS path changes for particular prefixes 18:19:22 and it would be cool to have them formalise their tool as an ooni test 18:19:48 aagbsn: that would be a bit limited though, it wouldn't give you the actual interconnections 18:20:47 and traceroute can be faked 18:21:04 some of the network segments may be done over VLANs or may not consider ttl 18:21:09 hm. 18:21:53 though it would be very cool to have something that scrapes data from the various looking glasses and archives it as an ooni report 18:22:09 this could be the starting point for non vantage point specific ooniprobe tests 18:22:25 I can also think of other tests that fit in this category 18:22:26 like: 18:22:27 we might want to make it easier to submit to ooni's backend 18:22:55 1) Enumerate all the open resolvers and do DNS consistency on them 18:23:39 2) Indirect scanning for DNS injection or the zombie scan type technique in royas bridge reachability paper 18:24:19 aagbsn: what is hard about it? I think the API is quite solid and well documented 18:24:36 the main issue I see with it currently is that we only support tor hidden services 18:24:37 I mean to make it easy for a 3rd party tool to generate a report and submit it 18:24:50 it just needs a bit of example code to show how this can be done 18:25:12 aagbsn: submitting a report is just a matter of sending a POST to /report with a json document containg your tools name and the test name 18:25:36 you get back an ID and then you just send YAML data via POST to /report/ 18:25:50 right; for python tools we already provide code to do that 18:26:05 it's just not obvious that you can use it as a library 18:26:17 yeah, and I don't think we can/should make a client for every possible lanauge/framework 18:26:35 I mean it's up to the developer of the tool to choose what library to use for sending HTTP requests and parsing JSON 18:27:15 thought it may be useful to document it also using swagger 18:30:00 I wrote a spec for the measurements and reports API here: https://github.com/TheTorProject/ooni-spec/commit/0de07097b13d4e95a535c355bd03c06980515f81 18:31:14 anyways it seems like we are more than 30 minutes out of time 18:31:30 are there any more things that need to be discussed? 18:35:57 i guess not presently 18:38:12 ok cool 18:38:23 then thanks for attending and see you around! 18:38:26 #endmeeting